SitePoint Sponsor

User Tag List

Results 1 to 18 of 18

Thread: credit cards

  1. #1
    SitePoint Enthusiast
    Join Date
    Jul 2000
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Does anyone know of a credit card verification system that accepts data from PHP? I have a shopping cart script that I've just integrated with a site, and now that I'm getting to the point of dealing with credit cards, I'm finding most of the services out there only deal with Perl or ASP...please help!

  2. #2
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually IME most services will deal in anything. Maybe they simply say perl or ASP because when they started those were the only real server side technologies.

    Usually this is how it works.

    Your script sends info to CC processing Script
    -processing-
    CC processing script sends info back to your script

    All that the CC processing script is doing is accepting and sending variables, it shouldn't care, or shouldn't even know, if those variables came from ASP, PHP, CGI, CF, JSP, anything.

    So... any service should work fine with PHP. The only reason it wouldn't is if they purposesly block it.

    Chris

    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  3. #3
    SitePoint Wizard silver trophy Karl's Avatar
    Join Date
    Jul 1999
    Location
    Derbyshire, UK
    Posts
    4,411
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You can compile PHP with Cybercash support in so that you can do secure transactions using it, there is a class called CyberClass for doing so.
    Karl Austin :: Profile :: KDA Web Services Ltd.
    Business Web Hosting :: Managed Dedicated Hosting
    Call 0800 542 9764 today and ask how we can help your business grow.

  4. #4
    SitePoint Enthusiast
    Join Date
    Jul 2000
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Aspen, that turned out to be the case. After talking with a few businesses who told me they only accept data from ASP and Perl, I finally found these guys: http://www.authorizenet.com/ (notice the php logo
    who assured me that the data that *any* authentication script accepts is just that...raw data (encrypted of course). Not a variable of any form. Oh well...I guess some folks lost business due to bad tech-support.

  5. #5
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Are you talking about php and authorize.net working together? As far as I know php cannot open a socket connection to https://. You can use php to build up the varsiables that authorize.net expects but the user will still need to go to authorize.net's site to process the credit card. Unless of cource you use something like CURL
    It works on the sevrer and can make connections to https:// I have sucessfulley used this in conjunction with OpenSSL to build a system that works with PHP and authorize.net where you can send the encrypted data throught a secure socket to authorize.net and get a response back without ever using their lame forms to do it. If you want more info jhust email me.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  6. #6
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I've worked with authorize.

    How they work is just by accepting variables, you do not have to do anything in your script with PHP, its via html forms.

    You make a form fill in the correct information, include hidden fields like user name, thank you page etc, and send it to authorize's script, which then processes the transaction and sends the user to the thankyou page along with a few variables which you then use a script to interpret.

    Now the form sent to authorize can be of course generated dynamically using the language of your choice, integrated with a shopping cart using the language of your choice. But when it comes right down to it its just a form. No matter what language created it.

    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  7. #7
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Chris I am talking about never even going to authorize.net I am atlking about opening a secure socket connection to authorize.net's server and passing the data that way.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  8. #8
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I don't think they offer that service.

    Besides its not really necessary... many customers probably dont even realize that they've been bounced to authorize and back to you.
    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  9. #9
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That is my point Chris, have you ever tried to customize authorize.net's forms to look like the rest of your site, you can't! But like I said in my earlier post you can, I do it, use a combo of PHP, OpenSSL and CURL to make a secure connection with authorize.net and pass data and receive data. Working Example.

    <?
    curl = "/usr/local/bin/curl";
    $my_authnet_userid = "yourid";
    $total = "1.00";
    $cc_number = "41111111111111";
    $cc_exp = "1002";
    $invoiceno = "4365356536";
    $billing_address = "your address";
    $billing_address = urlencode($billing_address);
    $billing_zip = "yourzipcode";
    exec("$curl -d 'x_Login=$my_authnet_userid&x_Amount=$total&x_Card_Num=$cc_number&x_Exp_Date=$cc_exp&x_ADC_URL=FALSE&x_ADC_Delim_Data=TRUE&x_Invoice_Num=$invoiceno&x_Version=3.0&x_Address=$billing_address&x_Zip=$billing_zip' https://secure.authorize.net/gateway/transact.dll", $authorize, $ret);

    $auth_return = split("\,", $authorize[0]);

    // for debugging you can print the variables returned:
    for ($idx = 0; $idx < 39; ++$idx) {
    $pos = $idx+1;
    echo "Code".$pos.": ".$auth_return[$idx]."<BR>";
    }

    if($auth_return[0] == 1){

    $auth_code = $auth_return[4];
    $avs_code = $auth_return[5];
    $trans_id = $auth_return[6];

    } elseif($auth_return[0] == 2){

    print "<b>Your order cannot be processed at this time, as your
    credit card was not accepted.</b><br>";

    } elseif($auth_return[0] == 3){

    print "<b>An error has occurred and your order cannot be proces
    sed at this time.</b><br>";

    }
    ?>
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  10. #10
    SitePoint Evangelist
    Join Date
    May 2000
    Location
    Canada
    Posts
    533
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    freddydoesphp,

    thats not the implementation you used there

    cURL from a shell means running extra binaries....

    cURL works great, compile it as a library and use libcurl with the PHP cURL functions ... (php has to be compiled to support them)

    -----------------------------
    myPHPhost.com: we know PHP

    geekarea.org - where nothing means something and something means nothing

  11. #11
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Maybe I used the wrong terminology, sorry! I meant using php to manipulate cURL to open a secure connection to authorize.net. I have been meaning to recompile php with libcurl on our dev server, just haven't had time. Vinay would you agree with me on the fact that it is possible to us ephp to interact with authorize.net without having to use tehir forms?
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  12. #12
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    That is my point Chris, have you ever tried to customize authorize.net's forms to look like the rest of your site, you can't! ....
    Um... we're definitely not on the same page here because that is exactly what I was hired to do when I worked with authorize and I did it just fine. It was in ASP and I was hired to make sure the ordering pages worked with authorize, design the final submit form, and construct a receipt page out of what they sent back.

    The forms are not hosted by authorize. They're hosted by you. When the user clicks submit the info is sent to authorize and the user is sent to another page on your site. You never actually visit an authorize page.


    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  13. #13
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Actually that is incorrect yes the forms are on your site but once you post your data to authorize.net you cannot get them to post anything back to you they merely pull your thank you page and display it, what if you want to get the reponse code and auth code back from them? You cannot use native suport in pHP to open a secure socket to authorize which is what I am suggesting. That way you could pass encrypted data back and forth with authorize.net withou using HTTP. Do you see what I am getting at?
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  14. #14
    SitePoint Enthusiast
    Join Date
    Jul 2000
    Posts
    37
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Thanks, guys. Even if the user is taken to authorizes site, that will be fine for a bit. This is a freeby site for my folks, so tweaking the form can wait until I get settled in to the new semester
    Ultimately, I would like to have everything done on my site, so if I do in fact need to use cURL, I'll be sure to enlist the help of you guys...as I have no idea what a "secure socket" is. lol.
    Thanks again,
    Luke

  15. #15
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Freddy they do pass variables back to you. I built a receipt page out of them, unless they changed their service since I did this.

    There is a whole list a response variables. The main one being the one that indicates if the transfer was successful, and then one that indicates the reason why it was not (if it wasn't).

    I no longer do work for that company so I don't have the code anymore or I'd pull it out but they definitely do pass the variables back to you. I didn't imagine doing it.

    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  16. #16
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    It is still not opening a socket connection to them it is posting the data through HTTP I am atlking about doing without having to hit their servers, don't matter how much you tell me if you use a form and post to authorize.net you are still leaving your site going to their server having them process the data and then having them post the data back to you. I am talking about doing all that from your sevrer through sockets not HTTP. It is way faster and more secure.
    Please don't PM me with questions.
    Use the forums, that is what they are here for.

  17. #17
    Serial Publisher silver trophy aspen's Avatar
    Join Date
    Aug 1999
    Location
    East Lansing, MI USA
    Posts
    12,939
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes. Okay... I think we are finally on the same page.
    Chris Beasley - I publish content and ecommerce sites.
    Featured Article: Free Comprehensive SEO Guide
    My Guide to Building a Successful Website
    My Blog|My Webmaster Forums

  18. #18
    Dumb PHP codin' cat
    Join Date
    Aug 2000
    Location
    San Diego, CA
    Posts
    5,460
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes now we are on the same page, what it boils down to is that other online payment porcessors like cybercash allow you to send data to their servers through sockets and get a response instaed of the tradional post method. cURL gives you that option for php and authorize.net, that is all I am saying. I know exactly what you rae talking about, I have done a few sites like that, but it sucked because you had to leave your server, I stumbled onto the whole cURL method about a month ago, and I implemented into our new ecommerce system for my work, it is great!
    Please don't PM me with questions.
    Use the forums, that is what they are here for.


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •